how to build a better cloud - evoswitch.com · how to build a better cloud part two 7 8. ... in a...

By Patrick van der Wilt, Commercial Director EvoSwitch

PART TWO: IMPLEMENTATION

HOW TOBUILDA BETTERCLOUD

Key considerations for your hybrid cloud journey

Part One of ‘How to Build a Better Cloud’ covered the planning phase -

business needs assessment and outcomes definition, service catalog creation

and delivery model analysis, readiness and interoperability assessment

and internal engagement for a hybrid cloud journey.

This paper covers the next steps, setting out some of the key considerations

when putting these plans into practice. Where to build your private cloud so

that it interconnects seamlessly with your public cloud partners and applications.

Accessing the cloud marketplace. What to look for in cloud providers and

implementation partners. How to avoid lock-in and ensure maximum flexibility

and the best possible management and performance.

The topics covered here are intended to give IT Directors, CIOs and CTOs,

reminders and ideas, with access through online sources and further reading

to deeper information. However, they are also meant to be accessible for

non-technical senior managers who are embarking on the hybrid cloud journey.

As pointed out in Part One, the cloud presents new business opportunities

in every functional area, and requires a closer level of cooperation and

understanding between IT and the rest of the organization than ever before.

Cloud drives cultural change. For the most ambitious businesses, it can be the

foundation for a process of digital transformation. A shared understanding of

the key moving parts of the cloud is a useful starting point for the new habits,

discussions and creative interactions that will take place on this journey.

INTRO

PART TWOHOW TO BUILD A BETTER CLOUD

09 |

08 |

11 |

13 |

15 |

19 |

21 |

25 |

Benefits of the cloud Flexibility, Efficiency, Competitive edge

Location, Location, Location“Cloud exchanges provide high-speed, secure and cost-effective access

to the broadest possible range of cloud service providers and partners.”

The cloud landscape“Although the infrastructure business looks like an oligopoly, there is

no default provider, and you should consider the potential for working

with more than one.”

Picking a partner“To find the right vendor - one that has a lot of experience and

successes under its belt with businesses similar to yours – you will

need to dedicate significant effort to research.”

Avoiding lock-in, enabling growth“It is perfectly practical to have a hybrid between multiple clouds,

or to run multiple solutions across multiple clouds.”.”

Service levels & performance“Standard SLAs tend to fall short when it comes to hybrid cloud

deployments, as each hybrid deployment is different.”

Security: first & last“Security should be central to the cloud delivery models you select

at the outset of your cloud journey, and it should continue to be central

to your day-to-day cloud management.”

ConclusionThe road to the cloud.

How to Build a Better CloudPart Two: Implementation

INDEXPART TWO

6

HOW TO BUILD A BETTER CLOUD

5

FlexibilityScalability: Cloud infrastructure scales up − and down − to support fluctuating

workloads

Storage choice: Choose public, private, or hybrid storage offerings to suit

Control: Set your level of control with as-a-service options, i.e. software as a service

(SaaS), platform as a service (PaaS), and infrastructure as a service (IaaS)

Security: Virtual private cloud, encryption, and/or API keys help keep data secure.

EfficiencyAccessibility: Apps and data accessible from any Internet-connected device

Speed to market: DevOps in the cloud speeds time to market

Data security: Network backups avoid loss of data through hardware failures

Equipment Savings: Using remote resources saves on cost of servers and more

Pay as you go: Utility structure means users only pay for the resources they use.

Competitive edgeStreamlining: Cloud service providers (CSPs) manage underlying infrastructure,

allowing you to focus on the front end

Fresh Tech: Service providers regularly update ensuring the latest technology

Collaboration: Worldwide access means geo-independent teams

Speed: You can partner, create and move workstreams and solutions faster.

BENEFITS OF THE CLOUD

(Don't forget the)


87

If the infrastructure that you are proposing to shift to the cloud

is still in your own data center, now is the time to move into

cloud-neutral colocation. Cloud traffic is migrating to neutral data

centers at a breathtaking pace. According to Cisco, CAGR is 33%,

and by 2019 86 % of workloads will be processed by cloud data

centers, with only 14% processed by traditional data centers.

One of the reasons for this seismic shift is that cloud-neutral data

centers are optimal locations for hybrid clouds, coupling private

clouds for latency/compliancy sensitive applications and data with

the scalability of public clouds. Cloud-agnostic and carrier-neutral,

they also comply with world-class uptime and sustainability standards,

as well as sector-specific certifications. Cloud-neutral data centers

bring the cloud marketplace to the user, housing partners that can

help IT teams back up data, orchestrate multiple clouds or synchronize

data across multiple devices and locations.

Flexible cloud interconnection is also key. Many neutral cloud data

centers now offer cloud exchanges, such as EvoSwitch’s OpenCloud

exchange, which use vendor-neutral, widely accepted standards

for the benefit of service providers, brokers and users.

LOCATION,LOCATION,LOCATION.

GOOGLECLOUD

AMAZONAWS

MICROSOFTAZURE

PUBLICCLOUDPUBLIC

INTERNET

MANAGED CUSTOMERPRIVATE CLOUD

CUSTOMERPRIVATE CLOUD

CUSTOMER PREMISES

INTERNETPROVIDER

OpenCloud offers low-latency routes directly to the public cloud providers and partners you need.

The genuinely neutral exchanges allow real-time trading

of bandwidth, supported by a bilateral contract with suppliers.

They provide high-speed, secure and cost-effective access to the

broadest possible range of cloud service providers and partners,

including, but not limited to, large IaaS players like Microsoft,

Amazon, Google, Rackspace, Softlayer or VMware.

Businesses can also evolve easily into cloud service providers in

this environment, building or commissioning their own cloud services

using open source cloud development partners. Businesses that

join these fast-expanding cloud marketplaces can provision and

deprovision resources based on context, application, desktops,

and business unit. This makes them much more agile and constitutes

a significant step up in digital transformation capability.

10

HOW TO BUILD A BETTER CLOUD

9

PART TWO

1&1

UPCLO

UD

CITY C

LOUD

CLOUDSI

GMA

GOO

GLE C

OM

PUTE

CENTU

RYLIN

K

VCLOUD A

IR

CLOUDW

ATT

PRO

FITB

RICKS

ARUBA CLO

UD

RACKSPACE

UK

DATACEN

TRED

PHO

ENIX

NAP

AZURE

AMAZO

N

INTE

ROUTE

IBM

SO

FTLA

YER

DIMEN

SIO

N DATA

VERIZ

ON

0

20

40

60

80

100

CLO

UD

SPEC

S SC

OR

E

The definition of cloud has expanded over the last few years, and

the range of public platform, infrastructure and software services

is still growing fast. But - at the platform and infrastructure level -

there are still just a few famous names that lead the sector.

The following are the top three:

THE CLOUD LANDSCAPE

If you choose to locate your infrastructure with a major service

provider, the breadth of additional services tends to be key to the

selection decision. These parameters will have been mapped already

in your Service Catalog (see Part One, Planning). But remember,

although the infrastructure business looks like an oligopoly, there

is no default provider, and you should consider the potential for

working with more than one. It’s simply a question of best fit with

your business.

There are many more providers than ‘the big three’, with much

to recommend them. In a recent price-performance evaluation

by CloudSpecs of the leading European IaaS providers, Google,

Azure, and AWS were rated as #5, #14 and #15 respectively.

AWS - ‘the iphone of

the cloud’- still holds by

far the largest market

share globally, but like the

iphone, the competition is

closing the gap. AWS

offers a huge range of

services with winning

performance, but requires

a more DIY approach,

mainly due to their lack of

existing business apps.

Microsoft Azure is well

represented by partners in

Europe, has the benefit of

seamless integration with

onsite MS apps like

Office, SQL and Visual

Studio, and is increasingly

well integrated with open

source developer plat-

forms like Linux. The

platform is currently catch-

ing up to AWS.

Google Cloud offers

access to the custom-built

solutions and infrastruc-

ture that have driven

Google’s global success.

The platform is perfect for

Google Apps with a

particularly strong Big

Data portfolio.

Overall CloudSpecs Ranking

HOW TO BUILD A BETTER CLOUD PART TWO

11 12

IaaS and PaaS tend to be delivered through partner businesses

with local infrastructure and experts. The alternatives are either

self-management or contracting of a third-party integrator.

Self-management is ideal if this is manageable, but this is unusual.

Generally, it is necessary to involve specialists for design,

implementation and orchestration.

Third party consultants can deliver excellent value over a short project.

However, the fact that it is often not possible to build a long-term

relationship means that the relationship is not so investable, so responsi-

bilities and liability need to be very clearly set out at the beginning.

PICKING A PARTNER

Top 10 questions to ask prospective cloud partners:

1 Can you prove how reliable you are? Your standards and certifications need to match ours.

2 What are your T&Cs? Not your IaaS providers, yours. If something goes wrong can you fix it or do you pass it on?

3 Will you commit your staff to spending significant amounts of time on-premise?

4 Do you have an issue with working weekends, e.g. for migration?

5 What are your hours? (when it comes to critical data, 9-5 won’t do!)

For most, delivery through a partner business is a good option, and

there are many excellent providers to choose from. To find the right

vendor - one that has a lot of experience and successes under its belt

with businesses similar to yours – you will need to dedicate significant

effort to research.

Talk to your colocation provider; we want your implementation to work

first time and have years of experience in migration and troubleshoot-

ing, as well as good working relationships with a range of service and

connectivity providers. Sign up and research groups and associations.

Remember that face to face communication is often fuller and franker

than published material, so attend events.

When you have a shortlist, request statistics on reliability (uptime,

availability) and security. Ask for and follow up references. Meet with

other clients that are of a similar size or have similar needs and find

out what they have learned from their own cloud experiences. Ask

about pricing. Ask about the features they are getting and which ones

they wish they were getting. Ask about any security and reliability

issues. You need to know everything that could possibly go wrong in

order to stop it happening.

When you are getting to know a cloud partner, don’t forget the obvious questions:

6 Can you show me some satisfied customer content like customer cases and endorse-ments?

7Have you got experience in my sector? (check the website; ask for contact with previous customers).

8Do you sell competing products? Look out for potential conflicts of interest.

9 Does your portfolio (and footprint) map to my digital needs, not just now but as I grow? (and how fast are you growing anyway?)

10Just how well do you understand the product you are selling? (come and present the features to the team and explain the opportunities they offer).


1413

While there is potential for waste, consider using more than one

provider because this lets you compare partners in a real-world

situation. It is perfectly practical – and becoming increasingly

common - to have a hybrid between multiple clouds, or to run

multiple solutions across multiple clouds. As mentioned in Part

One: Planning, Rightscale estimate that enterprises are running

applications in an average of 1.8 public clouds and 2.3 private

clouds and experimenting with around the same number in each

category. As time passes, you can migrate more to the one that

you like the best. Regard this flexibility as an investment.

Migration is a disruptive process and this is a long-term move, so

it’s important to get maximum flexibility and optimum support.

Again, geography should come into your considerations. Factors like

emerging data protection regulations and IoT/Machine-to-Machine

communications can require major infrastructure extensions. Also, your

cloud infrastructure should be ready to support you in new markets.

Regional reach and redundancy can be enabled through the flexible

interconnections in a cloud-neutral data center. Pick your traffic region,

add an availability zone, and include backup sites to overcome any

Single Point of Failure. Then provision your server and configure your

services. The process is straightforward and – in a carrier-neutral

environment - cost-effective. Then you can expand to other zones and

regions as needed.

AVOIDING LOCK-IN,ENABLING GROWTH


15 16

YOUR CLOUD INFRASTRUCTURE SHOULD

BE READY TO SUPPORT YOU IN NEW MARKETS


17 18

SERVICE LEVELS& PERFORMANCE

Standard SLAs tend to fall short when it comes to hybrid cloud

deployments, as each hybrid deployment is different. SLAs need to

establish clear guidelines of engagement for both the user and

service provider.

The SLA should address three primary risk areas:

Data

Who secures the link when data leaves the private cloud? There are

privacy and integrity concerns associated with this data movement

because the privacy controls in the public cloud vary significantly from

the private cloud. The SLA should address data custody, control,

possession, and right of return.

Compliance

Businesses still need to comply with regulations that pertain to data

governance, even if data leaves the premise. SLAs need to clearly

outline the service provider’s compliance with regulations like

Sarbanes-Oxley, healthcare data or payment standards (PCI).

Audit

SLAs should cover access to the documents necessary to demonstrate

compliance to an auditor and also specify who pays for the service

provider’s time during an audit.

Availability and Performance

Availability generally means different things depending on the

services offered. For IaaS, availability is usually defined in terms of

infrastructure, such as cloud servers and storage. For PaaS, availability

may be defined in terms of functionality and access to the platform,

and for SaaS providers, availability will be defined in terms of

application and data availability. Ensure that guarantees and

definitions are clearly outlined in the SLA.

Outages & Updates

What happens when a portion of the hybrid cloud becomes

unavailable due to an outage or a natural disaster? Whether the

problem occurs in the private cloud or the public cloud, the SLA

should spell out a coordinated and transparent process so that both

parties work together to resolve the problem at hand. Update

schedules should also be clearly defined in the SLA.


19 20

One of the great benefits of the cloud is the variable levels of

security it can bring, with built-in encryption, and/or API keys to

help keep data secure, as well as dedicated service providers

offering the latest solutions to security challenges. There is also an

increasing range of specialist security solution providers, many of

them focused on identifying danger signs from user behaviour.

However, with the growth in cyber attacks, in particular data theft,

DoS and DDoS, security represents one of the cloud’s greatest

challenges. Security should be central to the cloud delivery models

you select at the outset of your cloud journey, and it should continue

to be central to your day-to-day cloud management.

By evaluating and managing the security of your cloud services, it is

possible to mitigate risk and maintain, or even surpass, the levels of

security in the traditional IT environment. But this requires a very

rigorous and transparent approach.

SECURITY:FIRST & LAST

Key considerations should be:

Ensuring effective governance, risk and compliance processes are in place

Auditing operational and business processes

Managing people, roles and identities

Ensuring adequate protection of data and information

Policing and enforcing privacy policies

Assessing security provisions for cloud applications

Ensuring cloud networks and connections are secure

Evaluating security controls on physical infrastructure and facilities

Managing security terms in the cloud service agreement

Understanding the security requirements of the

contract conclusion/exit process


21 2221 22

Top 10 security questions to ask prospective cloud providers:

Expect convincing answers to the following questions, but make sure the responses are also reflected in your contract:

1Who can see my information?

2 Is my data located in multiple data centers in different locations so that it is protected from regional attacks?

3 What redundancies do you have in place to protect my data?

4What specific measures do you take to encrypt my data?

5How do you manage encryption keys?

6What happens and how will you restore my data if there is a crash or cyberattack? (Also how long will it take to complete a request to clone or refresh a database or application?)

7 What security certifications do you have?

8 Are you compliant with the latest security protocols?

9 If a breach occurs, what are the provider’s policies regarding disclosure, and how long before you are notified?

10 If you are a reseller, who is responsible for service and support?


23 24

While the stages and considerations set out in this and the

previous paper on planning are by no means exhaustive, they will

hopefully give readers planning the move to hybrid a framework

for discussion as well as some fresh ideas:

Part 1: Planning

Business needs definition

Outcomes definition and articulation

Cloud Portfolio/Service Catalog creation

Cloud Delivery Model analysis

Culture check, internal stakeholder engagement program

Cloud Readiness Assessment, budgeting, ROI analysis

Cloud Roadmap launch

Resource Review: data and team

Part 2: Implementation

Cloud-neutral colocation and marketplace access

Cloud provider selection

Expert partner assessment and selection

Multi-cloud approach and geographies

SLA and Security, processes and considerations

A final few words. Dedicating your valuable time to the research,

planning and negotiation necessary to build a better hybrid cloud

will pay major dividends. Handled correctly, it will drive profit

from cost, putting IT at the heart of new product development

and revenue generation, enabling the expansion – and ultimately

the transformation – of your business.

CONCLUSION: THE ROAD TO THE HYBRID CLOUD


25 26

SOURCES& FURTHER READING

McAfee State of Cloud & Securitywww.mcafee.com/us/solutions/lp/cloud-security-report.html

Cisco Cloud Indexhttp://www.cisco.com/c/en/us/solutions/collateral/service-provider/global-cloud-index- gci/Cloud_Index_White_Paper.html

Public IaaS Competition webinarhttps://www.sitepoint.com/a-side-by-side-comparison-of-aws-google-cloud-and-azure/

Very readable comparison AWS to Azurehttp://www.euroitgroup.com/aws-vs-azure-cloud-computing-comparison/

Azure v AWS deckhttps://www.slideshare.net/rightscale/azure-vs-aws-best-prac

Shifting market shares big threehttp://www.cnbc.com/2017/04/27/microsoft-azure-growing-faster-than-aws-googlecloud-behind.html

Shared Responsibilityhttps://blogs.msdn.microsoft.com/azuresecurity/2016/04/18/what-does-shared- responsibility-in-the-cloud-mean/

CloudSpectator Top 10 European CSPshttp://connect.cloudspectator.com/european-cloud-service-providers-report-download

SLA Guidehttp://www.cloud-council.org/deliverables/practical-guide-to-cloud-service-agreements.htm

Security 10 Steps (2015 version)http://www.cloud-council.org/deliverables/CSCC-Security-for-Cloud-Computing-10- Steps-to-Ensure-Success.pdf

There is a huge amount of free information available. Here is a selection worth exploring:

NewsThe WHIR news and info: www.thewhir.com/category/cloud-computingCloudTech: useful news stream: www.cloudcomputing-news.netNetworkWorld from IDG: www.networkworld.com

InsightsDetailed planning: www.cloudindustryforum.org/content/cloud-adoption-roadmap 451 cloud research and insights: www.451research.comHybrid considerations: www.computerworld.com/article/2834193/cloud-comput-ing/5-tips-for-building-a-successful-hybrid-cloud.htmlEuroCloud pan-European know-how and standards: www.eurocloud.orgPerformance and pricing analysis: www.cloudspectator.com

GroupsSpiceworks Cloud Computing & SaaS forum: www.community.spiceworks.comGoogle forum: www.groups.google.com/forum/#!forum/cloud-computingLinked in Virtualization & Cloud Computing Group: www.linkedin.com/groups/57400/profileLinked in Cloud Security Alliance: www.linkedin.com/groups/1864210/profile

StandardsEuropean Cloud Standards Coordination: www.csc.etsi.orgCloud Standards Customer Council: www.cloud-council.org

TrainingDigitale Infrastructuur Nederland: Cloud University project: www.dinl.nl/en/dossiers/cloud-universityInteractive learning: www.cloudindustryforum.org/content/e-learning-courses

CasesCIO insights on cloud journey (hospitality, automotive, events, gaming): www.i-cio.com/strategy/cloud/item/four-pioneering-cios-on-the-journey-to-a-cloud-centric-worldFinancial services sector move to hybrid presentation: www.vimeo.com/152443510


2827

Colophon

TextThe Communication Matrix LtdSander DeutekomPatrick van der Wilt Eric Boonstra

Date of publicationSeptember 12, 2017

DesignStudio Piraat

Acknowledgements:Many thanks to Leahanne Hobson of Alinea Partners for cloud purchasing insights gained in the execution of the company’s Secret Shopping and Customer Experience Certification programme

how to build a better cloud - evoswitch.com · how to build a better cloud part two 7 8. ... in a...

Documents